Overview

URL 47.winprizes147.digital/mx2/mxwr22.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud%20&cep=Yk8VUEceJ0Ax1QbBohMMxf4q7qj-zpQEX2e8YBO-XFbffpqgsPKDci9VBt_1TlR6R0SSNMzIjm6glT8vVI7I_WTPL0upoxj45jIfsIFiU6feJdZyF-t6laJmsvXrpaEhMjlU1A7CHNAF_aW8_hs7rdjuFack4_FkftRmDOabEFS573Rt8cMtWNg2IHqb-RPkQOSxnXTNRTV-Cn8fH_XM7aHEhSFg-WvMHdQv2ejc0sO-DmnDhZNFUIpKIhyXcAZFGJi0l7_fdTOVSoGCr0irACFEPJGI4nXxAcxS4IC7c1eKON_mFQqKnKw2re8CfybJfQdQzQtVHMteSIjXq2vb6KJLPIOGHZzZRb7EmTBNl5gnP2No2i7IBsBmqeHnOFgbHqutXiTDI5qlN4_0GG0JEWFtwcqjlcA0TaMNfAEYZAc&lptoken=1600649035c918e48535
IP217.69.14.8
ASNAS-CHOOPA
Location France
Report completed2022-09-28 07:31:51 UTC
StatusLoading report..
urlquery Alerts Scam / Brand infringement


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-28 2 unphionetor.com Sinkholed


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 05:04:09 UTC 143.204.55.27
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:06:48 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.49
mnemonic passive DNS propeller-tracking.com (1) 187053 2020-04-16 08:57:14 UTC 2022-09-28 07:06:20 UTC 139.45.197.240
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-28 04:19:13 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.148.77.40
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS 47.winprizes147.digital (22) 0 2022-03-08 10:13:57 UTC 2022-09-28 04:55:48 UTC 217.69.14.8 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-28 00:01:04 UTC 172.64.155.188
mnemonic passive DNS unphionetor.com (1) 54035 2022-02-11 12:53:49 UTC 2022-09-27 15:05:17 UTC 139.45.197.236
mnemonic passive DNS bigrourg.net (1) 219228 2021-03-16 04:51:17 UTC 2022-09-28 04:58:15 UTC 139.45.197.251
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 217.69.14.8

Date UQ / IDS / BL URL IP
2022-12-06 23:54:21 +0000
1 - 0 - 1 47.winprizes147.digital/mx2/mxwr22.html 217.69.14.8
2022-12-06 05:05:26 +0000
1 - 0 - 0 41.winprizes241.lol/za7/zaspinpro3.html?city= (...) 217.69.14.8
2022-12-05 06:23:53 +0000
0 - 0 - 12 65.winprizes265.monster/phauto1/auto1n4.html 217.69.14.8
2022-12-05 06:23:39 +0000
0 - 0 - 10 65.winprizes265.monster/phauto1/auto1n4.html? (...) 217.69.14.8
2022-12-05 05:43:33 +0000
0 - 0 - 1 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8

Last 5 reports on ASN: AS-CHOOPA

Date UQ / IDS / BL URL IP
2022-12-07 15:48:42 +0000
4 - 0 - 0 justnormalsite.ddns.net/ 45.76.0.252
2022-12-07 15:20:10 +0000
0 - 0 - 1 glickstr.com/kvf0l/index.php 104.238.147.17
2022-12-07 14:11:07 +0000
1 - 0 - 0 tooghaghagifts.digital/propelbbpro/index.html 217.69.13.14
2022-12-07 12:36:39 +0000
1 - 0 - 0 brananapie.club/brprop/index.php?browser=Chro (...) 217.69.13.14
2022-12-07 12:11:09 +0000
1 - 0 - 0 tooghaghagifts.digital/ghpropel/index.html?br (...) 217.69.13.14

Last 5 reports on domain: winprizes147.digital

Date UQ / IDS / BL URL IP
2022-12-06 23:54:21 +0000
1 - 0 - 1 47.winprizes147.digital/mx2/mxwr22.html 217.69.14.8
2022-12-05 05:43:33 +0000
0 - 0 - 1 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8
2022-12-05 05:43:22 +0000
1 - 0 - 1 47.winprizes147.digital/mx2/mxwr22.html 217.69.14.8
2022-12-05 05:41:22 +0000
1 - 0 - 0 47.winprizes147.digital/mx2/mxnotix23.html 217.69.14.8
2022-12-05 00:03:31 +0000
0 - 0 - 2 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-07 15:53:45 +0000
0 - 0 - 1 track.writive-resica.com/3797749d-2904-4927-9 (...) 18.195.128.171
2022-12-06 07:38:13 +0000
0 - 0 - 1 track.supercosmo.xyz/8204a3ea-deef-429f-8dac- (...) 18.192.108.151
2022-12-06 06:48:34 +0000
0 - 0 - 11 phythmspeters.com/a10adc1a-e65f-4b20-8c86-afc (...) 18.156.16.63
2022-12-06 05:05:50 +0000
0 - 0 - 10 www.big-winners.click/push/winner/index.html? (...) 54.230.111.25
2022-12-06 02:54:52 +0000
0 - 0 - 2 track.writive-resica.com/3797749d-2904-4927-9 (...) 18.195.128.171


JavaScript

Executed Scripts (16)


Executed Evals (1)

#1 JavaScript::Eval (size: 79, repeated: 1) - SHA256: 0e65178d8f62271321b275b4a1acce66573c59875b13c3df6238a1e9d5eaaefe

                                        (() => {
    const a = async
    function name() {};
    window['pkgmdbvbcx'] = true;
})()
                                    

Executed Writes (7)

#1 JavaScript::Write (size: 16, repeated: 1) - SHA256: 04a9d36c05ffb6a6a63a5470aa2f660dcf43c796a25200c6f7192d4dd7ee7fdc

                                        24 de septiembre
                                    

#2 JavaScript::Write (size: 31, repeated: 1) - SHA256: bb98c5d522d4f72f7b2c714a8147033c52b9efb9b523ebd42468455173ea8113

                                        Mi� rcoles, 28 septiembre 2022
                                    

#3 JavaScript::Write (size: 11, repeated: 1) - SHA256: 9d2a244f0895e3532507ff36794dae5efeae9d1ae71520e01968b3ff50d8f2d9

                                        mi� rcoles
                                    

#4 JavaScript::Write (size: 7, repeated: 1) - SHA256: 9bd88f2485acbb9426ad3dd9e06842ede8c7516d0ba8559298675f09419681fa

                                        Desktop
                                    

#5 JavaScript::Write (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#6 JavaScript::Write (size: 16, repeated: 1) - SHA256: be211464b605c713b1dc7a5c970c39577d7014e9aaf0576b0b03c8fe87d7b8c1

                                        26 de septiembre
                                    

#7 JavaScript::Write (size: 16, repeated: 1) - SHA256: 41df2d29a57174e8e32bcbbd02f59d01da90b3f15305d900b6faadb373f6aa0b

                                        25 de septiembre
                                    


HTTP Transactions (44)


Request Response
                                        
                                            GET /mx2/mxwr22.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud%20&cep=Yk8VUEceJ0Ax1QbBohMMxf4q7qj-zpQEX2e8YBO-XFbffpqgsPKDci9VBt_1TlR6R0SSNMzIjm6glT8vVI7I_WTPL0upoxj45jIfsIFiU6feJdZyF-t6laJmsvXrpaEhMjlU1A7CHNAF_aW8_hs7rdjuFack4_FkftRmDOabEFS573Rt8cMtWNg2IHqb-RPkQOSxnXTNRTV-Cn8fH_XM7aHEhSFg-WvMHdQv2ejc0sO-DmnDhZNFUIpKIhyXcAZFGJi0l7_fdTOVSoGCr0irACFEPJGI4nXxAcxS4IC7c1eKON_mFQqKnKw2re8CfybJfQdQzQtVHMteSIjXq2vb6KJLPIOGHZzZRb7EmTBNl5gnP2No2i7IBsBmqeHnOFgbHqutXiTDI5qlN4_0GG0JEWFtwcqjlcA0TaMNfAEYZAc&lptoken=1600649035c918e48535 HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         217.69.14.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Wed, 28 Sep 2022 07:31:39 GMT
Content-Length: 982
Connection: keep-alive
Location: https://47.winprizes147.digital/mx2/mxwr22.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud%20&cep=Yk8VUEceJ0Ax1QbBohMMxf4q7qj-zpQEX2e8YBO-XFbffpqgsPKDci9VBt_1TlR6R0SSNMzIjm6glT8vVI7I_WTPL0upoxj45jIfsIFiU6feJdZyF-t6laJmsvXrpaEhMjlU1A7CHNAF_aW8_hs7rdjuFack4_FkftRmDOabEFS573Rt8cMtWNg2IHqb-RPkQOSxnXTNRTV-Cn8fH_XM7aHEhSFg-WvMHdQv2ejc0sO-DmnDhZNFUIpKIhyXcAZFGJi0l7_fdTOVSoGCr0irACFEPJGI4nXxAcxS4IC7c1eKON_mFQqKnKw2re8CfybJfQdQzQtVHMteSIjXq2vb6KJLPIOGHZzZRb7EmTBNl5gnP2No2i7IBsBmqeHnOFgbHqutXiTDI5qlN4_0GG0JEWFtwcqjlcA0TaMNfAEYZAc&lptoken=1600649035c918e48535


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (649)
Size:   982
Md5:    75717b5356b379a42dbbeb97e8e7ebdc
Sha1:   1b997b49bf9ca33616565a351728655c8f0dd2e4
Sha256: 05d15b3ad63fddb29bc8d1e2a9e502ca023b1fa96576c2266f46182f46296927
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 06:37:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: euJ_5VTozcsyY8kN3DeHf3sptSmS1-tG8HuNIDfZ7ENvJV12hX0mxw==
Age: 3266


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7022
Expires: Wed, 28 Sep 2022 09:28:42 GMT
Date: Wed, 28 Sep 2022 07:31:40 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FvMYvHbUDMBnaobCAdbJc-PqgVmywjIP0l_P779RP7c4e4OHbkAbuA==
age: 79647
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mx2/pw_ix.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 31733
last-modified: Sat, 12 Mar 2022 12:35:16 GMT
etag: "7bf5-5da04adef940d"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 501 x 501, 8-bit colormap, non-interlaced\012- data
Size:   31733
Md5:    687acbbd3b26e14ec659bef6c3858cf1
Sha1:   896705dad7c2f80b6b8799b8fb0002dc24650726
Sha256: 470d5cef6a3bd96c4ed2bc3339391003885be4ef3538c73385352a58c3720aa8

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/ixo.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 13400
last-modified: Sat, 12 Mar 2022 12:35:08 GMT
etag: "3458-5da04ad7727da"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 165 x 331, 8-bit colormap, non-interlaced\012- data
Size:   13400
Md5:    125914bcab1f703d2a2e2de49e0fde1e
Sha1:   d35b3b048137bdcbc695501533a8768bda4f4776
Sha256: 99735d4ae8da195bf366a6e23a7c691ef5a79ac25f3914856281383959a699d7

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/ix-s.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 10144
last-modified: Sat, 12 Mar 2022 12:35:07 GMT
etag: "27a0-5da04ad69e937"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 236, 8-bit colormap, non-interlaced\012- data
Size:   10144
Md5:    17cd5bb6f5b7a4c7591cc78a4d20f8a7
Sha1:   848f24b1da8e371259860938affe04bdde31c4d5
Sha256: 12e62d8e269352e691cdcc7731ad26e56f04982f232dd8e57286e3a60a7967a4

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/like_user_1.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1293
last-modified: Sat, 12 Mar 2022 12:35:08 GMT
etag: "50d-5da04ad76ca19"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1293
Md5:    2aa0d43e70d60d76ac4bdff139f8c7cb
Sha1:   d7e3433297ad90f5d99249aee29b645265c9f3eb
Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/like_user_2.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1216
last-modified: Sat, 12 Mar 2022 12:35:09 GMT
etag: "4c0-5da04ad837c1c"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1216
Md5:    f9299c2023539a8f27a6e1b12ed260e5
Sha1:   046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es11.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1134
last-modified: Sat, 12 Mar 2022 12:34:59 GMT
etag: "46e-5da04acef3ae3"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1134
Md5:    5d36b498da89067476a9fd03eeaf729e
Sha1:   76aac3f888571cdc7b61bf728631f7efa5649608
Sha256: ea5cf3467159b4809e40cc6fb44a8a50e2e893f0e74e437a56ee8b596ae0f57f

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es12.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1027
last-modified: Sat, 12 Mar 2022 12:35:00 GMT
etag: "403-5da04acfbbe05"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1027
Md5:    c3f47559b409f1a96f43b7aaa72b0df8
Sha1:   456ba96aa37b1f54a087d4b99802890ae50f1fd7
Sha256: f48951fee5671231e1788289afb5363e9257e3e1965a3187f4390f0257700130

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es13.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1210
last-modified: Sat, 12 Mar 2022 12:35:00 GMT
etag: "4ba-5da04acfbcda5"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1210
Md5:    7dd2a2c0cd218e424527c97bb518b6fe
Sha1:   fc1f99dfc1338657e2c64a5dab75577916be00e8
Sha256: cd29c42b4c2912a0dd8454dd5abe5492792349cf72f556c45aaff2ccb21d2165

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es14.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1133
last-modified: Sat, 12 Mar 2022 12:35:01 GMT
etag: "46d-5da04ad07f307"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1133
Md5:    24d6c9e9e029123ba9879ec566951026
Sha1:   5f305ff0d42372de4f7e6c19e499a972bb5be75c
Sha256: 596ae4e533a5ea7e8801976978e396eedaee307fd0df035e36edff2f3babd034

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es15.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1053
last-modified: Sat, 12 Mar 2022 12:35:01 GMT
etag: "41d-5da04ad0802a7"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1053
Md5:    c9a8ec833d9629d6c408a4da84484baa
Sha1:   0bd7bc4fccff4cd4005011fcd7c2fa739541823c
Sha256: 6ec7d6b2eaab3aad6d8d922b76b4471c7ffa8d87082c258aa0473e6abe053de7

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es16.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1113
last-modified: Sat, 12 Mar 2022 12:35:02 GMT
etag: "459-5da04ad14c449"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1113
Md5:    75002fe6a58dfda6bc73530442733cc4
Sha1:   79155f33a3bca7cbc31f3d4161c63b65f613cb90
Sha256: b0a9d5347916f60ec87fbb022c06e191e05955114d78803244d979917c92804b

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/es17.jpg HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 993
last-modified: Sat, 12 Mar 2022 12:35:02 GMT
etag: "3e1-5da04ad14b4a9"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   993
Md5:    6883f5c56e55cb76d48b15ad57977649
Sha1:   157a317dfae61d646c1ddc53e44fc8bb1b649844
Sha256: 0d5df76602cd247b86e5a88d668cb823ce90da8fb7c8e5122ba4ee24a1bf8bee

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/clip_footer_3.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 2460
last-modified: Sat, 12 Mar 2022 12:34:58 GMT
etag: "99c-5da04ace0d361"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Size:   2460
Md5:    e1b626392882cc25b4d891afaa68afd4
Sha1:   454d7abdbc2548d04feb95436ea0ab4126b4f00b
Sha256: ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:31:40 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 20:32:14 GMT
Expires: Sat, 01 Oct 2022 20:32:13 GMT
Etag: "591574d6063a0b1f10fc49be998f9a09f2a2f7e4"
Cache-Control: max-age=305432,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751ac7e26a58b527-OSL

                                        
                                            GET /mx2/menu_2x.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://47.winprizes147.digital/mx2/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 124
last-modified: Sat, 12 Mar 2022 12:35:10 GMT
etag: "7c-5da04ad901e7e"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data
Size:   124
Md5:    8f68efd9388ccd80b43759b2ed542305
Sha1:   9f2cf96efe3bdec2ab64bc51856619cc02958fe6
Sha256: 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /fv.js?t=74833 HTTP/1.1 
Host: propeller-tracking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.240
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 28009d8ea1bb8d324eaa56dbf76552d3
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2601
Md5:    2454b5d5dae75e643b802fe4fd3b1a01
Sha1:   392ce50b31a27945a6ffae572905d5090121748d
Sha256: 8e8ae673e55421501bbe17309d73d84a5a879f29bce191a91aa55849d95d3b17
                                        
                                            GET /mx2/spin_prize2.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://47.winprizes147.digital/mx2/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 2814
last-modified: Sat, 12 Mar 2022 12:35:17 GMT
etag: "afe-5da04adfbf7ef"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Size:   2814
Md5:    f278c8d30fc51b72e0774b9ecb49214c
Sha1:   03b574db82b31ee5758eb5093fda8ea25d1b00d8
Sha256: 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /mx2/action_icons_20px_2x.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://47.winprizes147.digital/mx2/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 1726
last-modified: Sat, 12 Mar 2022 12:34:57 GMT
etag: "6be-5da04acd048fe"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size:   1726
Md5:    b699975b5fe73b087e711a33ff24ee1e
Sha1:   0e33cc5c32a5e7d18440751e3946076664caaf53
Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
                                        
                                            GET /mx2/comment_action_2x.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://47.winprizes147.digital/mx2/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
content-length: 641
last-modified: Sat, 12 Mar 2022 12:34:59 GMT
etag: "281-5da04acef4a83"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Size:   641
Md5:    e9b3872b3e63e19728176d45f0aa6986
Sha1:   b638f89d5d80c4cd65327da973c52f778e30bd55
Sha256: a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C380CB3C3DE69CACE9CCA15D27745FAA180CC89BB5AD521F46070402F6FFD386"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8500
Expires: Wed, 28 Sep 2022 09:53:20 GMT
Date: Wed, 28 Sep 2022 07:31:40 GMT
Connection: keep-alive

                                        
                                            GET /vctx?t=74833 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://47.winprizes147.digital
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
access-control-allow-origin: https://47.winprizes147.digital
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d60449fd3400beb66f004422d644476c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26DA3A82D9063E97C2BD31F636D533ED90A4E978ECA668AC7171531782438A81"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12621
Expires: Wed, 28 Sep 2022 11:02:01 GMT
Date: Wed, 28 Sep 2022 07:31:40 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YV6bNtMa-huPeazgDY4BOTtYchHuCiBghFI8HzvDKIqJ2wJFs5Kpug==
Age: 127


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3191
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:31:41 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:30 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hmA7+Kybus9VWa1JSoD79g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.77.40
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zJqDMqIzjO6nl0VCVW3Sg2R4i6o=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15177
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:31:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15177
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:31:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15177
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:31:42 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9314
x-amzn-requestid: ed84d0e5-30c5-4841-ba9d-3626234b2056
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VbFqBoAMFy-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c22-5d0ccbc31fb085be45ef947b;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yBDUlVwqRnXuJKsaz3vbFNhtNvihQMuk5wX5y4UmEKm1D21wSVdJHQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "60c873f097c85376797fed366804119f7e9c445e"
age: 34964
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9314
Md5:    3c58fdf09a7d552be0c8666522a29de7
Sha1:   60c873f097c85376797fed366804119f7e9c445e
Sha256: 24569f084d3fd428526503bde8b3da64152911934cd5e0e9140c06d954e4bcd9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TEv_Z7_1FsPBC2ugxBvTbts1ubHFeZjRhrSFAGt2liOt-Z5GQhmu-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:53 GMT
age: 32569
etag: "2afdfb716192540a61327137706462c53588bf23"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5377
Md5:    c301dff6ddda16fd64692c19173cfa8c
Sha1:   2afdfb716192540a61327137706462c53588bf23
Sha256: fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:08:22 GMT
age: 1400
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6157
Md5:    b255b252ceed088d6f505e7e9acfcb55
Sha1:   a6b1c3e0d506ac1c66405e061e9910fafb176a7d
Sha256: b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 33182
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6721
Md5:    c4a66beda24621e812a929933c52025d
Sha1:   e951f6b11e473b68d2fdd95b822cef120d37b1eb
Sha256: 28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 34964
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 35142
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /mx2/clean.css HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
vary: Accept-Encoding
last-modified: Sat, 12 Mar 2022 12:34:57 GMT
etag: W/"2b87-5da04acd048fe"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /mx2/footer_right.png HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/micro.tag.min.js?z=5205563&sw=/sw-check-permissions-92f09.js HTTP/1.1 
Host: bigrourg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1a5ed"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.69.14.8
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /mx2/mxwr22.html?city=Mountain%20View&model=Desktop&brand=Desktop&isp=Google%20Cloud%20&cep=Yk8VUEceJ0Ax1QbBohMMxf4q7qj-zpQEX2e8YBO-XFbffpqgsPKDci9VBt_1TlR6R0SSNMzIjm6glT8vVI7I_WTPL0upoxj45jIfsIFiU6feJdZyF-t6laJmsvXrpaEhMjlU1A7CHNAF_aW8_hs7rdjuFack4_FkftRmDOabEFS573Rt8cMtWNg2IHqb-RPkQOSxnXTNRTV-Cn8fH_XM7aHEhSFg-WvMHdQv2ejc0sO-DmnDhZNFUIpKIhyXcAZFGJi0l7_fdTOVSoGCr0irACFEPJGI4nXxAcxS4IC7c1eKON_mFQqKnKw2re8CfybJfQdQzQtVHMteSIjXq2vb6KJLPIOGHZzZRb7EmTBNl5gnP2No2i7IBsBmqeHnOFgbHqutXiTDI5qlN4_0GG0JEWFtwcqjlcA0TaMNfAEYZAc&lptoken=1600649035c918e48535 HTTP/1.1 
Host: 47.winprizes147.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         217.69.14.8
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Wed, 28 Sep 2022 07:31:40 GMT
vary: Accept-Encoding
last-modified: Wed, 06 Jul 2022 05:15:02 GMT
etag: W/"3ad0-5e31c0d1b5b2a"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---